CVE-2025-27817HIGHCVSS 7.5PoC≥ 3.1.0, ≤ 3.9.02025-06-10
CVE-2025-27817 [HIGH] CWE-918 CVE-2025-27817: A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Ap
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file an
cvelistv5nvd